2 minute read
Insufficient cyber security spells self-sabotage for UK SMEs
No matter what size, organisations need to take cyber security seriously to protect against disruption
WORDS: BY THE UK CYBER SECURITY COUNCIL
Advertisement
Many small and medium businesses may assume that they slip under the radar of cyber threats, safe in the comfort that no one wants to hack a small business. However, according to insurer Hiscox, one small business is hacked every 19 seconds – which translates to millions in revenue lost each year.
In support of the government’s aim to make the UK one of the safest places in the world to live and work online, the UK Cyber Security Council was formed to become the voice of the UK’s cyber security profession, working to educate the UK on why specialist cyber security is important to all business, no matter what size. It sounds harsh but it’s unfortunately true, failure to protect your business will sooner or later result in a cyber security issue. More than 80% of UK organisations experienced a cyberattack in the past year, proving that the threat is real, and incidents are occurring more frequently. Oftentimes these attacks are unsophisticated and entirely preventable, the cyber equivalent of a burglar trying a door handle and catching people off guard. You can be sure that a SME would never leave their office door unlocked, so why risk leaving themselves vulnerable to a host of cyber threats?
No matter their size, organisations need to take cyber security seriously, to protect against operational disruption and the knock on financial and reputational effects caused by a cyber-attack. A protected business is also a more productive business as teams are not slowed or shut down completely by viruses and malware. Fundamentally it is in business’ best interest to deploy adequate cyber protection with expert staff.
That said, a recent labour market report from the UK government found the UK’s cyber sector is facing a workforce gap of 14,100 people. Coupled with a rising number and a It may sound harsh but failure to protect your business will sooner or later result in a cyber security issue variety of cyber threats, it has become increasingly important for the UK to address that skills shortfall and encourage new cyber professionals into the industry.
Understandably, SMEs may not be in a position to create hugely competitive packages and attract highly sought-after cyber security talent – which is where upskilling existing team members can be advantageous to the business, the individual and the cyber security industry as a whole.
Many people involved in the management of cyber security processes do so as part of another ‘cyber-enabled’ role and these are the kind of candidates who make perfect home-grown cyber experts for your business.
Those with a cyber-enabled role understand the organisation’s cyber needs and can upskill to specialise in the areas which matter most to your business. And with the introduction of professional standards, ethics, and career mapping from the UK Cyber Security Council, cyber career trajectories will soon be clearly mapped out, taking into account the 16 specialisms within cyber, and awarding the professional titles of Associate, Principal and Chartered. Making a clear and attractive career path for those pursing cyber.
However, there is a common – and dangerous – misconception that cyber security sits only with the IT team. Everyone involved in a business should understand cyber security and know that cyber security is everyone’s responsibility.
People are naturally suspicious of
